TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present....

[users/heiko/exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 621d5b1b582f4c52545ad4c42c1f5881b3ee473f..6120058032c04e08f5fa2a82659c22c8f21c970f 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -21,6 +21,16 @@ JH/04 Bug 2590: Fix -bi (newaliases).  A previous code rearrangement had
       broken the (no-op) support for this sendmail command.  Restore it
       to doing nothing, silently, and returning good status.
 
+JH/05 Bug 2593: Fix "vacation" in Exim filter.  Previously, when a "once"
+      record path was given (or the default used) without a leading directory
+      path, an error occurred on trying to open it.  Use the transport's working
+      directory.
+
+JH/06 Bug 2594: Change the name used for certificate name checks in the smtp
+      transport.  Previously it was the name on the DNS A-record; use instead
+      the head of the CNAME chain leading there (if there is one).  This seems
+      to align better with RFC 6125.
+
 
 Exim version 4.94
 -----------------
@@ -326,7 +336,7 @@ JH/20 Bug 2389: fix server advertising of usable certificates, under GnuTLS in
 
 JH/21 The smtp transport option "hosts_noproxy_tls" is now unset by default.
       A single TCP connection by a client will now hold a TLS connection open
-      for multiple message deliveries, by default.  Previoud the default was to
+      for multiple message deliveries, by default.  Previously the default was to
       not do so.
 
 JH/22 The smtp transport option "hosts_try_dane" now enables all hosts by